The purpose of the study is to improve the incident management process. The article considers the process approach to incident management in case of technical failures and its main stages: detection, response, investigation, elimination, resolution. At the stages of response and investigation of the incident, as well as its elimination, there is an urgent problem, which is the violation of the deadlines adopted in the Service Level Agreement (SLA). A comparative analysis of the indicators before and after the application of the proposed use case approach is carried out. The proposed algorithm, applying the base of use cases, allows reducing the number of incidents that are returned for revision, as well as reduce the number of incidents, the resolution period of which exceeds the limits accepted according to the SLA. The scientific novelty lies in the use of the case analysis device for incident processing in the technical support service. Materials and methods. To solve the above problem related to the violation of the deadlines for processing incidents accepted in the SLA, the article considers an approach to improving the incident management process based on the use case analysis of incidents. The use of the case analysis device is a cycle of reasoning based on use cases. By the value of the degree of similarity to the incident, a specific use case and the associated decision-making scenario are selected. The method of plausible reasoning allows us to solve the problem of multiple escalations as an integrated automation tool and, as a result, reduce the number of violations of the deadlines for resolving incidents. This approach allows you to increase the efficiency of finding similar scenarios for responding to incidents. The nearest neighbor method is used to compare and extract use cases. This method does not require large computational costs and provides the required degree of reliability (error) of the decision. The application of the nearest neighbor method is based on calculating the degree of proximity of the current situation to the use cases stored in the base of use cases. Results. The proposed approach allowed us to develop a new algorithm for classifying incidents in the information system based on the use case and statistical analysis, which reduces the response time and eliminates incidents. The analysis of statistical data is carried out; the efficiency is estimated as a result of the application of the algorithm based on the use case analysis. The assessment showed a significant reduction in unnecessary escalations of incidents to the second support line, so the application of the base of use cases in resolving incidents allowed for improving the incident management process. Conclusion. In the course of the study, the main problem in the incident management process was identified - violation of the deadlines adopted in the SLA. The basic incident management algorithm is analyzed. The application of the method of plausible reasoning and the nearest neighbor method is justified. The cycle of updating the base of use cases and the conceptual model of the incident management process are considered. Within the framework of the developed conceptual model, the base of use cases includes decisions made by experts, which use the knowledge of previous experience to get out of a particular situation. An algorithm for finding a solution in the base of use cases is implemented. A distinctive feature of the developed algorithm is the application of a use case recognition algorithm and the search for similar images contained in the base of use cases using the nearest neighbor method.
Read full abstract